Skip to main content
Glama
vespo92

OPNSense MCP Server

by vespo92
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

update_firewall_rule

Modify firewall rule settings such as source, destination, ports, and description on OPNSense MCP Server using the rule's UUID for precise configuration updates.

Instructions

Update a firewall rule

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
descriptionNoNew description
destinationNoNew destination
destinationPortNoNew destination port
enabledNoEnable/disable rule
sourceNoNew source
sourcePortNoNew source port
uuidYesFirewall rule UUID

Implementation Reference

  • src/plugins/core/core-firewall/index.ts:134-151 (registration)
    Registration of the 'firewall_update_rule' MCP tool, including name, description, input schema requiring uuid and rule object, and handler binding
      name: 'firewall_update_rule',
  description: 'Update an existing firewall rule',
  inputSchema: {
    type: 'object',
    properties: {
      uuid: {
        type: 'string',
        description: 'Rule UUID',
      },
      rule: {
        type: 'object',
        description: 'Rule properties to update',
      },
    },
    required: ['uuid', 'rule'],
  },
  handler: this.updateRule.bind(this),
},
  • src/plugins/core/core-firewall/index.ts:347-378 (handler)
    Handler function that updates a firewall rule via OPNsense API endpoint `/api/firewall/filter/setRule/{uuid}`, applies changes, emits 'firewall.rule.updated' event, invalidates rule cache, and returns success response or throws error.
    private async updateRule(params: { uuid: string; rule: any }): Promise<any> {
  try {
    const response = await this.api.post(
      `/api/firewall/filter/setRule/${params.uuid}`,
      { rule: params.rule }
    );

    if (response.data?.result === 'saved') {
      // Apply changes
      await this.applyChanges({});

      // Emit event
      this.emit('firewall.rule.updated', {
        uuid: params.uuid,
        changes: params.rule,
      });

      // Invalidate cache
      this.ruleCache.delete(params.uuid);

      return {
        success: true,
        message: 'Firewall rule updated successfully',
      };
    }

    throw new Error('Failed to update firewall rule');
  } catch (error) {
    this.logger.error(`Error updating firewall rule ${params.uuid}:`, error);
    throw error;
  }
}

Tool Definition Quality

C2.3/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden but only states the action ('update') without disclosing behavioral traits like required permissions, whether changes are immediate or require a restart, potential side effects, or error handling. It lacks details on what 'update' entails beyond the basic operation, leaving significant gaps in transparency.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, direct sentence with zero wasted words, making it highly concise and front-loaded. It efficiently states the core action without unnecessary elaboration, though this brevity contributes to gaps in other dimensions.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a mutation tool with 7 parameters, no annotations, and no output schema, the description is inadequate. It lacks context on behavior, usage, and output, failing to compensate for the absence of structured data. The agent would struggle to use this tool effectively without additional information.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, clearly documenting all 7 parameters (e.g., 'uuid' for identification, 'enabled' for toggling). The description adds no additional meaning beyond the schema, such as explaining parameter interactions or constraints. Baseline 3 is appropriate as the schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose2/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Update a firewall rule' restates the tool name with minimal elaboration, making it tautological. It specifies the verb ('update') and resource ('firewall rule') but lacks detail on scope or differentiation from sibling tools like 'toggle_firewall_rule' or 'create_firewall_rule', leaving the purpose vague beyond the obvious.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines1/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives such as 'toggle_firewall_rule' (for enabling/disabling) or 'create_firewall_rule' (for new rules). The description offers no context, prerequisites, or exclusions, leaving the agent without direction on appropriate usage scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Related Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/vespo92/OPNSenseMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server